keyTypes and issuers may be used to narrow down suggested choices to the user. If either keyTypes or issuers is specified and non-empty, and there are no matching certificates in the KeyChain, then the certificate selection prompt would be suppressed entirely
Needed for CBA investigation.
Context:
got an IcM where the customer is getting CBA prompt sporadically. https://portal.microsofticm.com/imp/v3/incidents/incident/505319757/summary
Either there's an OS bug, or the server is sporadically sending malformed challenge.
From Android Documentation
keyTypes and issuers may be used to narrow down suggested choices to the user. If either keyTypes or issuers is specified and non-empty, and there are no matching certificates in the KeyChain, then the certificate selection prompt would be suppressed entirely